Mandriva Linux Security Advisory 2009-339 - Security issues were identified and fixed in Firefox 3.0.x. These include multiple unspecified vulnerabilities as well as memory corruption issues.
06915cef15d98b90ecc13511e6cf2f4cb0b21ccd16512646a4af384606c37067Ubuntu Security Notice 873-1 - Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack.
8eaaba6dc798f53aa0cfdc9af6581d1658b9863011229fab65c636d57a06a8dcDebian Linux Security Advisory 1956-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
026c3688357381e7028edd382d11fc2fa4570e5d376cebbdc33075c99555604d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed